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DETAILED ACTION 
Claim Rejections - 35 USC §102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this 
or a foreign country, before the invention thereof by the applicant for a patent. 

2. Claims 21-41 are rejected under 35 U.S.C. 102(a) as being anticipated by Jansen et al. 
NIST Special Publication 800-19-Mobile Agent Security. 

3. As per claim 21, Jansen teaches a server, in communication with a first host and a second 
host(see top of pg. 19, lines 1-3), the first and second hosts executing a mobile application that 
jumps from the first host to the second host during execution and passes through the server(see 
pg. 19), the server storing, prior to a jump to the second host, a first instance of the mobile 
application, an instance of the mobile application including executable code for the mobile 
application, this is taught in Jansen because Jansen teaches, storing, at a centralized security 
enforcement node, prior to jump to a receiving host from a dispatching host(see pg. 2, 2 nd 
paragraph teaches Mobile agents(MA)hopping from peer to peer, see fig. 1 also teaches 
centralized security and dispatching host), the server receiving from the first host, during the 
jump to the second host, a second instance of the mobile application, and the server detecting 
unwanted changes in contents of the mobile application including comparing the first and second 
instances(see Section, 2.1.2, 3.2, pg. 9 and 4.2.2). 

4. As per claim 22, Jansen teaches wherein the contents are one or more from the group 
containing code, state data and itinerary data(see pg. 17, section 4.1.4, pg. 21, 4.2.2). 
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5. As per claim 23, Jansen teaches wherein the server detects unwanted changes responsive 
to receiving the mobile application from an untrusted host(see pg. 6, section 2.3.4, 3.2). 

6. As per claim 24, Jansen teaches wherein the server stores the first instance of the mobile 
application responsive to the mobile application being received from a trusted host(see section 
3.2, pg. 9, and 4.2.2). 

7. As per claim 25, Jansen teaches wherein the first instance includes a first checksum and 
the second instance includes a second checksum(see section 3.3, pg. 10-11, section 4, pg. 13). 

8. As per claim 26, Jansen teaches wherein the first instance includes a copy of the mobile 
application as it existed prior to the jump and the second instance includes a copy of the mobile 
application as it existed during the jump(see section, 2.1.2, 3.2, pg. 9 and 4.2.2). 

9. As per claim 27, Jansen teaches wherein the server forwards the mobile application to the 
second host(see pg. 19). 

10. As per claims 28, 35, Jansen teaches a centralized method for verifying integrity of a 
jumping mobile application at a location other than a dispatching host or a receiving host(see pg. 
19), storing, prior to a jump and at a server, a first instance of a mobile application that jumps 
from a first host to a second host during execution, an instance of the mobile application 
including executable code for the mobile application; receiving, during the jump and at the 
server, a second instance of the mobile application(see pg. 2, and section 2. 1 .2, 4.2.2); and 
detecting unwanted changes in contents of the mobile application including the server comparing 
the first and second instances(see section 3.2). 

11. As per claim 29, it is rejected under the same basis as claim 22. 
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12. As per claim 30, Jansen teaches wherein detecting unwanted changes includes detecting 
unwanted changes responsive to receiving the mobile application from an untrusted host(see pg. 
15-17, section 3.2, 4.2.2). 

13. As per claim 31, Jansen teaches wherein storing includes storing the first instance of the 
mobile application responsive to the mobile application being received from a trusted host(see 
pg. 2, section 2.1.2, 4.2.2). 

14. As per claim 32, it is rejected under the same basis as claim 25. 

1 5. As per claim 33, it is rejected under the same basis as claim 26. 

16. As per claims 34, 41, it is rejected under the same basis as claim 27. 

17. As per claim 37, it is rejected under the same basis as claim 30. 

18. As per claim 38, it is rejected under the same basis as claim 3 1 . 

19. As per claim 39, it is rejected under the same basis as claim 25. 

20. As per claim 40, it is rejected under the same basis as claim 26. 

21 . As per claim 42-43 are allowable for the features of, "when the first host is determined as 
being allowed to inject code, retrieve the code from the first host and send the code to the mobile 
application". In the prior art of security nor networking discloses inject code in the mobile 
application. Prior art discloses the mobile application jumping to another host or application, but 
does not disclose injecting code. 

Response to Amendment 

22. The Applicant states that Jansen does not teach "the central computer further includes 
means for monitoring the security of the mobile application as it jumps between the host 
computers wherein when the mobile application is communicated from a first host to a second 
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host, it passes through the central computer" as set forth in the claim. The Examiner disagrees 
with the Applicant, Jansen teaches that the Jumping beans agent system addressed security issues 
by implementing a client-server architecture, whereby an agent always returns to a secure central 
host before moving onto any other platform(see pg. 19). 

23. The Applicant states that Jansen does not disclose the server storing, prior to a jump to 
the second host, a first instance of the mobile application. The Examiner disagrees with the 
Applicant. Jansen discloses an itinerary that has a list of mobile applications that will be 
visited(see pg. 19). 

24. The Applicant states that Jansen does not disclose the security monitoring means for 
detecting unwanted changes in the code associated with the mobile application when the mobile 
application is jumping between hosts. The Examiner disagrees since Jansen teaches a central 
host allowing tampering to be detected and prevented from accepting agents/code from someone 
not defined as a trusted peer(see pg. 19). Further, the claims do not mention anything dealing 
with denial of service attacks. Therefore, this argument is moot. 
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25. The Applicant states that Jansen does not disclose the central computer detects unwanted 
changes in the code associated with the mobile application when the mobile application is 
jumping between hosts. The Examiner disagrees since Jansen teaches a secure central host 
which is interpreted as being capable of providing central security(see pg. 19). Further, Jansen 
discloses that a digital signature is included into the code, if the digital signature can verified 
than the agent has not been tampered with, if it cannot be verified that it has been tampered 
with(seepg. 16, 18). 

26. The Applicant states that Jansen does not teach that a central computer stores a copy of a 
mobile application and then compares it to the mobile application after execution by another 
host. The Examiner disagrees with the Applicant. Jansen teaches this, because Jansen teaches 
protecting against modification of code, i.e. comparing the original to the one received and 
section 4.2.2 Mutual Itinerary Recording teaches tracking and comparing the Itinerary list as it 
traverses the peers-Since Jansen teaches both central and distributed Central host(see pg. 19), 
this reads on using one stored copy for comparison purposes. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E. Jackson whose telephone number is (571) 272-3791. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 p.m.) alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E. Jackson whose telephone number is (571) 272-3791. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 pm) alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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